src: replace unreachable code with static_assert
This function base64-decodes a given JavaScript string to obtain the secret key, whose length must not exceed INT_MAX
. However, because JavaScript strings are limited to v8::String::kMaxLength
chars and because base64 decoding never yields more bytes than input chars, the size of the decoded key must be strictly less than v8::String::kMaxLength
bytes. Therefore, it is sufficient to statically assert that String::kMaxLength <= INT_MAX
(which is always true because String::kMaxLength
itself is an int).
Aside from being unreachable, Coverity considers the current code "suspicious" because it indicates that buffers larger than INT_MAX
might actually be allocated.